Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CWNP CWSP-207 Exam - Topic 1 Question 6 Discussion

Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless data. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include:Cannot access corporate network resourcesNetwork permissions are limited to Internet accessAll stations must be authenticatedWhat security controls would you suggest? (Choose the single best answer.)
D) Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
A) Implement separate controllers for the corporate and guest WLANs.
B) Use a WIPS to deauthenticate guest users when their station tries to associate with the corporate WLAN.
C) Configure access control lists (ACLs) on the guest WLAN to control data types and destinations.
E) Force all guest users to use a common VPN protocol to connect.

CWNP CWSP-207 Exam - Topic 1 Question 6 Discussion

Actual exam question for CWNP's CWSP-207 exam
Question #: 6
Topic #: 1
[All CWSP-207 Questions]

Given: ABC Company has a WLAN controller using WPA2-Enterprise with PEAPv0/MS-CHAPv2 and AES-CCMP to secure their corporate wireless dat

a. They wish to implement a guest WLAN for guest users to have Internet access, but want to implement some security controls. The security requirements for the hot-spot include:

Cannot access corporate network resources

Network permissions are limited to Internet access

All stations must be authenticated

What security controls would you suggest? (Choose the single best answer.)

Show Suggested Answer Hide Answer
Suggested Answer: D

by Georgeanna at Jun 21, 2024, 05:21 AM

Limited Time Offer

25%

Off

Get Premium CWSP-207 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Gerald
6 months ago
E sounds too restrictive for casual users.
upvoted 0 times
...
Lizbeth
6 months ago
Wait, a captive portal? Isn't that a hassle for guests?
upvoted 0 times
...
Stevie
7 months ago
A is a solid choice too, but it might be overkill.
upvoted 0 times
...
Glory
7 months ago
I agree, D covers both authentication and segmentation.
upvoted 0 times
...
Brett
7 months ago
D seems like the best option for security.
upvoted 0 times
...
Leota
7 months ago
I recall that using ACLs can help control traffic, but I'm not convinced it's the best solution here. It feels like it might not fully address the authentication requirement.
upvoted 0 times
...
Anabel
7 months ago
I practiced a similar question where we had to limit access for guest users. I think option D covers both authentication and isolation, which is crucial.
upvoted 0 times
...
Noah
8 months ago
I'm not entirely sure about the best approach here. I think using a captive portal is common, but I wonder if just VLAN separation is enough.
upvoted 0 times
...
Daron
8 months ago
I remember we discussed the importance of separating guest and corporate networks during our study sessions. Option A seems like a solid choice.
upvoted 0 times
...
Lashaun
8 months ago
This is a good one. I like the idea of the captive portal and separate VLANs to isolate the guest network. That way you can control access and authentication without impacting the corporate WLAN. Option D gets my vote.
upvoted 0 times
...
Margot
8 months ago
I'm a little confused by the options here. Wouldn't using a WIPS to deauthenticate guests from the corporate WLAN be a bit risky? That could potentially disrupt legitimate users as well. I think the captive portal with separate VLANs is the safest bet.
upvoted 0 times
...
Louis
8 months ago
Okay, let's think this through. The key requirements are to limit guest access to the internet only and prevent them from accessing corporate resources. Separate controllers and VLANs seem like a solid approach to achieve that. I'm going to go with option D.
upvoted 0 times
...
Louisa
8 months ago
Hmm, I'm a bit unsure about this one. The requirements mention that all stations need to be authenticated, but a VPN seems like overkill for a guest network. I'm leaning towards the captive portal approach, but I'll need to double-check the details.
upvoted 0 times
...
Mica
8 months ago
This seems like a pretty straightforward question. I'd go with option D - using a captive portal and separate VLANs seems like the best way to isolate the guest WLAN from the corporate network.
upvoted 0 times
...
Caprice
8 months ago
Hmm, I'm not sure about this. I'll have to think it through carefully. Is the hand-over of testware part of the planning and control phase, or the closure activities?
upvoted 0 times
...
Amos
8 months ago
If I remember correctly, strict controls on construction materials were emphasized in class as a method to prevent brittle fractures.
upvoted 0 times
...
Katina
8 months ago
This question seems straightforward, but I want to make sure I understand the requirements correctly. The key is to determine the optimal signal strength, SNR, and packet loss for the services mentioned.
upvoted 0 times
...
Angelyn
8 months ago
I'm a little confused by the wording of these options. I'll need to re-read the question and think about what "synchronization of daily schedules" really means in this context.
upvoted 0 times
...
Youlanda
2 years ago
D is the clear winner here. Separating the networks and requiring authentication is crucial. Though I do hope the captive portal isn't too tedious for the guests. Ain't nobody got time for that!
upvoted 0 times
Izetta
2 years ago
Yeah, separating the networks and using a captive portal for authentication is a good balance of security and usability.
upvoted 0 times
...
Kayleigh
2 years ago
I agree, D seems like the best option to ensure security for the guest WLAN.
upvoted 0 times
...
...
Ashanti
2 years ago
I would also consider option C) Configure access control lists (ACLs) on the guest WLAN to control data types and destinations for additional security measures.
upvoted 0 times
...
Muriel
2 years ago
I agree, D is the best choice. Implementing a captive portal and separate VLANs will effectively isolate the guest network while still providing internet access.
upvoted 0 times
...
Helene
2 years ago
I agree with Jamal. It's important to separate the guest WLAN from the corporate network to prevent unauthorized access.
upvoted 0 times
...
Marisha
2 years ago
D. Requiring a captive portal HTTPS login page and separate VLANs seems like the most secure and comprehensive solution for the guest WLAN.
upvoted 0 times
Ressie
2 years ago
Implementing separate controllers for the corporate and guest WLANs might be a good idea to further enhance security measures.
upvoted 0 times
...
Josephine
2 years ago
It's important to restrict access to only Internet resources for guest users to prevent any unauthorized access to the corporate network.
upvoted 0 times
...
Janna
2 years ago
I agree, using a captive portal HTTPS login page and separate VLANs would definitely help ensure guest users are isolated from the corporate network.
upvoted 0 times
...
...
Jamal
2 years ago
I think the best option would be D) Require guest users to authenticate via a captive portal HTTPS login page and place the guest WLAN and the corporate WLAN on different VLANs.
upvoted 0 times
...

Save Cancel